Re: Does it make sense to ban IP'sReply #1 - Aug 22nd, 2012 at 11:19pm

I think it does myself, yeah. But, I guess it all depends on how large your forum is. It's not really considered a good thing to ban them permanently though - obviously IPs change hands and a lot are dynamic, so if you are going to ban them, clear the older ones out every couple of months or so.

If an IP is attacking or over crawling your site, it can eat your resources for no reason, so banning certainly isn't a bad thing.

I'm more a believer in blocking them in the first place before it even comes to having to ban them though.

Figuring out a way to keep the bandwidth eaters out in the first place is logically the best way to go - At some point we should look at things like bad behavior detection to stop them before they do damage. The various anti-spam bot mods YaBB already has is just scratching the surface of possibilities.

But at some point we also need to look at a way to allow timed bans so that Admins don't have to worry as much about removing things from the banned lists.

« Last Edit: Aug 23rd, 2012 at 1:26am by Dandello »

If you only have one solution to a problem you're not trying hard enough!

Before installing anti-spam mods, it certainly made sense for our forum to ban IP addresses. Then again, it was really a pointless exercise since spammers were simply using different IP addresses. Still, I hope that option will continue to be part of YaBB. It's a convenient feature.

Like Derek pointed out, it's not really considered a good thing to ban IP addresses permanently. I'm actually thinking of clearing out the ones we currently have in our banned IP list. I don't remember the last time I banned an IP address. It's been a while.

I like Dandello's idea of utilizing timed bans so that Admins don't have to worry as much about removing them later on.

Morning, noon, or night, have a great one!

Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.

When I first set up my forum with the default security the forum was spammed to death within 24 hours. Banning IPs made no difference. Botnets tend to have lots of IPs so it is probably going to be a difference on each time.

As many of us have found, a combination of good anti-spam questions (Derek Barnstorm's anti-spam question mod), Captcha with ggn's captcha hack and Carsten's SpamFruits works wonders to keep the spambots out without IP banning.

The 2.5.4 dev board has been up for over a year and we have yet to have a spambot get through - and we have guest posting turned on. (But the error log logs at least 1000 spambot hits every day.)

If you only have one solution to a problem you're not trying hard enough!

... spambots out without IP banning ... we have yet to have a spambot get through - and we have guest posting turned on.

I can happily confirm this with a YaBB 2.4 forum. We no longer need to ban IP addresses, and we also have guest posting enabled.

Morning, noon, or night, have a great one!

Note: Like most others, this forum doesn't allow us to freely edit our posts or topics to make corrections as needed, so please remember to look for subsequent posts if you see any mistakes or outdated information. Sorry for the inconvenience.

On my forum I've seen the same IP listed a few hundred times in the error log within a short time span, sometimes as little as 20 or less minutes. I remember one time the same IP was listed 500 times in 10 minutes. My error log is set for 500 errors so I have no idea how long this was going on.

I will ban those IPs even though in many (but not all) cases it is a short term fix. Saying that, I have noticed many banned IPs from China are the same ones from over a year ago

I think the only good reason to ban IPs is to fight against bandwidth wasters.

I find Carsten's SpamFruits mod does 80% of the heavy work eliminating spambots with Derek Barnstorm's anti-spam question mod taking care of the rest.

If I allowed guests to post on my forum ggn's captcha hack would be a valuable asset. My Captcha is simple, only 3 and I haven't had a spammer on my forum in years. Because of the two Mods mentioned above and I don't allow guest posting I've been thinking about eliminating the Captcha all together.

I think this is a good example that different forums and admins have different needs - The dev forum has some pretty high hurdles to get past for posting, but then, I figure if you're going to post there, you'd better be tech savvy enough able to get past the hurdles and have something to say beyond offering mortgage refinancing and sex drugs.

But I also have one forum that a 3 character captcha may be too much for some potential members to handle.

If you only have one solution to a problem you're not trying hard enough!